I appear to have a spambot running on the same server which is hosting my email, I have blocked port 25 for all other PC’s on my network which is behind a checkpoint firewall. The firewall log appears to show a lot of outbount port 25 activity which does not match the exchange server logs for outbound mail and all the port 25 activity is coming from my mail server (according to the firewall logs).
I have tried running CA Etruct Antivirus, ESET Smart Security, Windows Defender and currently running the Microsoft Malicious Software Removal Tool.
I need to restrict through either thw Windows Firewall, ESET ESS firewall or some other firewall (suggestions please) outbound port 25 connections to Exchane Server 2007 ONLY. I also need to know how to get rid of this spambot, I check the CBL blacklist which tells me I have the Cutwail spambot.